Thursday, June 28, 2007

Today there has been a discussion on a mailing list that I am on regarding viruses spreading across the internet. It prompted me to write a reply, but by the time I was done I decided that it was entirely too long to send to the list, so I am posting it here and giving a link on the list because I believe that there are many other people out there who can benefit from this information.

The majority of viruses that are spread today are more of a "terroristic" threat than they are an actual threat to your computer. While it is very true that there are viruses and spyware that can create huge issues with using your computer, it is rare that you become infected in a serious way if you have programs like AVG Anti-Virus installed and updated. Many of the viruses you read about, or that get forwarded on to you, are nothing more than someone's power trip. The scenario is that someone just makes something up and sends it to a large list of people explaining this "new virus" and then signs the email as someone who sounds important. The people that receive that email have a lot of good in their heart and they pass it on to all of their friends in order to protect them. The sad thing is that the person who created that email has just been given what he wanted. The email goes on from person to person and now he is sitting at home gloating about how he started that email -- meanwhile mail servers everywhere are having to deal with the issue of increased load.

There definitely are viruses out there that can do damage to your data, but if you have a reputable virus scanning program active on your computer, there is no need to fear. Yes, there is a chance that a virus can get around a properly working virus scanner, but the fear that people have over the possibility ends up being a greater risk than the actual possibility itself.

In some cases, the virus is "coming" from someone that is a friend or relative or from a reputable company. This is typically done in one of two ways.

If a computer becomes infected with a virus, that virus will prey on that person's email program (in almost all cases it's Outlook or Outlook Express) and read the address book. Because the virus has affected the programming of the email program itself, it has the ability to send an email without the owner of the computer even knowing it was sent. Thus, someone you know has sent you a virus -- but it's actually just their computer that sent it.

The second way this is done is by "forging". Someone with enough equipment at their disposal can actually manipulate the headers of an email. As an analogy, consider your mailbox in front of your house. Every day you go to that mailbox and you get mail out of it and you assume that your postman put that mail there. All of your mail is always addressed to you and the return addresses are all from people you know or from companies that you know and trust. The thing is, the return address may not be accurate at all. I could easily write the address of my friend who lives in PA on an envelope and mail it from here in VA. When you receive that, you may not even think to look at the postmark. If you notice that someone from PA is sending you a letter but the postmark says it's from another state, you have to ask if the person you know would have any business in VA. It's possible your friend really was visiting someone in VA and mailed a letter from there, but if you know there is no way that person ever would have been in VA, then there is cause for concern.

Another possibility in the mailbox scenario is that your postman delivers your mail but someone else sneaks by later and puts a letter in the box that appears to have been delivered by your postman. Someone else was posing as your postman whether you saw that person or not, and the same can occur on internet mail systems. Some mail servers pretend to be other mail servers. There are forensics that can actually still trace these types of forgeries.
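To make the postmark idea concrete, here is an added example (my own illustration, not part of the original post) that reads a message's headers and compares the "return address" (From) with the envelope sender (Return-Path) and the oldest Received line. The message, host names and the `postmark_report` helper are constructed for the example.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not real traffic): the "return address" names a friend
# at example-pa.test, but the "postmark" trail starts at example-va.test.
SAMPLE = """\
Return-Path: <bounce@bulk.example-va.test>
Received: from mx.recipient.test (mx.recipient.test [192.0.2.10])
\tby mailstore.recipient.test; Thu, 28 Jun 2007 10:02:11 -0400
Received: from relay.example-va.test (relay.example-va.test [198.51.100.7])
\tby mx.recipient.test; Thu, 28 Jun 2007 10:02:09 -0400
From: "Your Friend" <friend@example-pa.test>
To: you@recipient.test
Subject: look at this

hello
"""

def domain_of(header_value):
    """Lowercased domain part of an address header, or '' if absent."""
    return parseaddr(header_value)[1].rpartition("@")[2].lower()

def related(host, domain):
    """True when host is the domain itself or a name underneath it."""
    return bool(domain) and (host == domain or host.endswith("." + domain))

def postmark_report(raw_message):
    msg = message_from_string(raw_message)
    claimed = domain_of(msg.get("From", ""))
    envelope = domain_of(msg.get("Return-Path", ""))
    # Every server prepends its own Received line, so the last one in the
    # header block is the oldest hop: the closest thing email has to a postmark.
    hops = []
    for value in msg.get_all("Received", []):
        match = re.search(r"\bfrom\s+(\S+)", value)
        hops.append(match.group(1).lower() if match else "")
    first_hop = hops[-1] if hops else ""
    return {
        "claimed_domain": claimed,
        "envelope_domain": envelope,
        "first_hop": first_hop,
        "envelope_matches": related(envelope, claimed),
        "first_hop_matches": related(first_hop, claimed),
    }

if __name__ == "__main__":
    for key, value in postmark_report(SAMPLE).items():
        print(f"{key}: {value}")
```

A mismatch is only a reason to look closer, like the friend who really was visiting VA, and Received lines below the first server you trust are supplied by the sending side, so they can be forged as well.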

The MOST important thing is this (as I continue the mailbox analogy): Think of the odds that someone snuck something into your mailbox and the odds that it would have actually been some type of communicable disease. It's rare that you would be the recipient of something such as this, and even then, in most cases you would recognize something wasn't quite right and would have, at the very least, taken corrective action immediately. This is exactly what your virus scanner is doing. The larger concern in the reality of what you get in your mailbox is things such as scams, unwanted advertisements, and requests to do something (such as cash a check) that gives the sender the right to some of your information or signs you up for something. It's also possible that you get something requesting personal information about an account that you have, and you fill it out and return the information, and the recipient of that information wasn't actually your bank or other company you deal with. These issues are very present in email and no virus scanner can protect you from them -- and none of them contain a virus at all. You may ask "If I get an email from First National Bank and I do have an account there, how did they know?" ... The reality is that email may have been sent to 2,000 people and 1,990 of them deleted it because they didn't have an account there. The sender of the email doesn't have a clue, but they send the email to a large enough list of people that at least a few are bound to have an account and willingly provide the information -- those few people are enough to make it worth his time.

There are things you can do to protect yourself (and the internet):

1> Never panic and send emails to others warning them of a virus. The largest percentage of these emails are actually more of a chain letter than anything else -- or designed to inflict fear. If you get something and you are concerned that it really might be legit, the best thing to do is check http://www.snopes.com and do a search for the email you received. You're likely to find a copy of the same email you received.

2> If you are running Windows, make sure you have an anti-virus program installed. Grisoft has a free program called AVG Free Edition that works extremely well -- even better than Norton and McAfee. You can find it at http://free.grisoft.com

3> Use email programs other than Outlook or Outlook Express. Most actual viruses prey on the programming inside of those applications -- they are written that way because the author knows that's what most people use. A great alternative is Thunderbird from Mozilla. Mozilla also has a great web browser called Firefox which protects your computer a lot more than Internet Explorer. You can find both programs at http://www.mozilla.com

4> Never click on a link inside an email. If there is a link inside an email, copy the text of the link you see and then paste that into your web browser. The internet allows you to create a link to a page but, instead of actually displaying the link, show a description of what the link is to. Scammers often use this to their advantage. If your bank is www.mybank.com then you are more likely to click on a link that is http://www.mybank.com/login/index.html ... But the person who authored the email may be using the description feature: he creates a link to http://www.myscam.com/login/index.html, but when he describes it, he doesn't use a sentence or a word but a fake address. The result is you click on a link that looks valid but the hidden link is actually going somewhere else. If you copy and paste the text you see rather than just clicking the link, you eliminate this possibility.

Hopefully this little tutorial helps you folks out, and hopefully it was clear enough for even non-computer-literate users to understand.